Saviynt Forums

Darshanjain · ‎05/22/2023

Use Case

How to exclude Roles from getting evaluated as a part of the SOD Evaluation Job(NON-SAP Type)

Issue:

There was a requirement where they wanted to exclude a few roles from getting evaluated completely as a part of the SOD Evaluation Job.

Pre-Requisites:

to perform the following action: Need to have either write access or ROLE-ADMIN SAV Role.

Solution

Solution:

This can be achieved using the exclusion query in the functions table as follows:

select entitlement_values.ENTITLEMENT_VALUEKEY from entitlement_values where entitlement_values.ENTITLEMENT_VALUEKEY in (select entitlement_values.ENTITLEMENT_VALUEKEY from roles, role_entitlements where roles.ROLEKEY= role_entitlements.ROLEKEY and role_entitlements.ENTITLEMENT_VALUEKEY= entitlement_values.ENTITLEMENT_VALUEKEY and roles.ROLETYPE=3)

In the above query, ROLETYPE=3 refers to the Firefighter Roles as the customer wanted to exclude the firefighter ones from getting evaluated.

Please note that exclusion query needs to be populated for all the functions in a particular ruleset and that can be achieved by writing a custom query as follows:

UPDATE `functions` SET `EXCLUSIONQRY` = 'select entitlement_values.ENTITLEMENT_VALUEKEY from entitlement_values where entitlement_values.ENTITLEMENT_VALUEKEY in (select entitlement_values.ENTITLEMENT_VALUEKEY from roles, role_entitlements where roles.ROLEKEY= role_entitlements.ROLEKEY and role_entitlements.ENTITLEMENT_VALUEKEY= entitlement_values.ENTITLEMENT_VALUEKEY and roles.ROLETYPE=3' WHERE (`FUNCTIONKEY` = '331');

You can define the function keys from a particular ruleset in the custom query above.

Please refer to the screenshots below: